Articles about Security

Encryption-focused Apple File System (APFS) replacing HFS+ on macOS, iOS, tvOS, watchOS


Apple was quite boisterous at WWDC today regarding its operating systems and services. Quite frankly, I was blown away at all the ways the company is looking to improve its customers' lives, but some folks were apparently underwhelmed. Oh well, you can't please everyone, I suppose.

For some reason, Apple was fairly quiet about one huge change -- it is replacing the HFS+ file system. Based on the more-than-30-year-old HFS, it is apparently time to move on. What is the upcoming file system called? The unimaginatively "Apple File System". The encryption-ready file system will be used on macOS, iOS, tvOS, and watchOS.

Continue reading

IT pros: Cloud apps are as secure as their on-premise counterparts

Boardroom security

For the first time ever, the majority of cybersecurity professionals believe cloud-based apps are as secure as on-premise apps. Those are the results of a new survey conducted by Bitglass, among 2,200 cybersecurity experts.

According to the report, entitled The Rise of Purpose-Built Cloud Security, 52 percent of those surveyed said they found cloud-based apps as secure as their on-premise counterparts. The most interesting thing is that this percentage has jumped from 40 percent same time last year.

Continue reading

27 percent of apps connected to corporate environments are risky

virtual padlock

As organizations move more of their data to the cloud the risk from shadow IT in the form of connected third-party apps grows greater.

New research from CloudLock CyberLab, the security intelligence part of the CloudLock security platform, finds that 27 percent of third-party apps are classified as high risk. This means cyber criminals could gain programmatic access to corporate platforms and impersonate end users.

Continue reading

New application uses behavioral analytics to fight ransomware


Ransomware is one of the most important security threats for business to deal with as it has the potential to cause serious damage and financial loss.

User behavior specialist Exabeam is launching its Analytics for Ransomware, a new application designed for early detection across the corporate network. Unlike other security products, Exabeam can detect ransomware movement and activity in the network, servers, workstations, BYOD devices, and cloud services.

Continue reading

Behavioral firewall helps guard against data breaches


When a data breach is just as likely to originate from inside the organization as outside, protecting an enterprise can be a difficult task.

Californian company Preempt is launching a new proactive approach that allows organizations to spot threats in real-time without engaging already overwhelmed security teams.

Continue reading

Two in three commercial apps with open source code have security vulnerabilities

open source keyboard button

"If you’re using open source, chances are you are likely including vulnerabilities known to the world at large". This is a quote taken from the latest open source security report released by software company Black Duck.

The company analyzed more than 200 applications that are based on, or partially use, open source material, over a six-month period. The results are that 67 percent of them have vulnerabilities, and every application has at least five vulnerable components.

Continue reading

Julian Assange's WikiLeaks poised to release more Hillary Clinton emails


In a move that could boost Donald Trump's election campaign, WikiLeaks is on the verge of releasing more of Hillary Clinton's emails from her stint as US secretary of state. Clinton's use of a homebrew email server and a private email address for sending classified information has dogged her presidential campaign -- and Julian Assange is happy for that to continue.

The WikiLeaks founder, currently in exile in the Ecuadorian embassy in London, has made no secret of his loathing for Clinton. She is the subject of a federal investigation, and Assange is happy to add fuel to the fire by publicly releasing another batch of emails.

Continue reading

Snowden: Scotland has its own NSA conducting mass surveillance of phone and internet activity


Documents leaked by Edward Snowden reveal that Scottish authorities have been engaged in gathering data about phone and internet usage in much the same way as the NSA and GCHQ. The Scottish Recording Centre (SRC) accessed information gathered as part of a bulk data collection program called MILKWHITE.

Scottish newspaper The National, in conjunction with the website CommonSpace, have exposed Scotland's role in the UK's mass surveillance programs. Police and tax authorities in Scotland -- devolved from UK forces -- were given accessed to what the Intercept describes as 'huge troves of metadata' gathered by spy agencies.

Continue reading

It's not just Windows 10 that has telemetry issues -- Microsoft has done the same with Visual Studio 2015 C++ compiler


An eagle-eyed Reddit user has noticed that code run through Visual Studio 2015 C++ compiler make calls to Microsoft's telemetry services. Microsoft has already upset a large number of people with the privacy and telemetry issues in Windows 10, and there is now a busy thread on Reddit discussing the company's thinking behind including this 'feature'.

Coders have expressed concerns that Microsoft appears to be inserting calls to its telemetry service into binaries as they are compiled. Calls to telemetry_main_invoke_trigger and telemetry_main_return_trigger raised a few eyebrows having been found in both debug and release versions of the software. The good news -- maybe -- is that telemetry can be disabled.

Continue reading

Many UK workers don't know what ransomware is


It seems all that talk by security experts how employee education is the best way to protect a business from a cyber-attack has fallen on deaf ears.

A new study by ISACA, based on a poll of 2,000 UK consumers, says that more than half of those haven’t gotten any cyber-security awareness training, at all.

Continue reading

Collective defense helps security professionals collaborate against cyber crime


To be effective in fighting cyber crime it's important that businesses are able to share intelligence effectively.

Endpoint security company Carbon Black is enabling this with its new Detection eXchange, a collective defense ecosystem which will enable thousands of security professionals to collaborate against hackers and prevent cyber attacks.

Continue reading

India blocks Google's plans for Street View in the country amid security concerns


Google's plans to gather Street View data in India have hit a brick wall after the country rejected the company's proposals.

Indian security agencies expressed concerns about plans to send Google Street View cars around the country, taking 360-degree photos along roadways. This is certainly not the first time Google Street View has faced problems, with numerous cases relating to privacy resulting in changes being made to the service.

Continue reading

Progressive threat detection guards against attacks from anonymous networks

Insider threat

Cyber attackers use a variety of anonymity techniques to avoid detection. Many attacks come from anonymous proxies and anonymity networks are often use valid, but compromised, credentials.

Access control specialist SecureAuth is launching a new Threat Service product to stop suspicious logins even if attackers have valid credentials and even if they are logging in from an anonymous network.

Continue reading

Twitter denies stolen account passwords came from its servers and issues security advice


In recent days the internet has been abuzz with news that credentials for millions of Twitter accounts have been put up for sale on the Dark Web. Despite the online chatter about what many people assumed to be a security breach, Twitter chose to remain silent. Now the company has spoken out after an investigation and denies that the password leak was the result of Twitter being hacked.

Dismissively referring to the "purported Twitter @names and passwords", the company says that the leak is probably a combination of data gathered from previous breaches as well as credentials gathered by malware. Twitter has identified a number of accounts directly affected by the leak and has reset the passwords to protect the owners.

Continue reading

European workers use cloud services for whistle blowing

Man Laptop Dark

Wait until you hear what employees in Europe are using cloud services for. Oh, boy.

Blue Coat Systems has polled more than 3,000 workers in France, Germany and the UK, asking them about their cloud usage habits, and, as it turns out, some employees use such services (Dropbox, Box, Office 365, Slack, LinkedIn, Facebook, Gmail, etc.) to store data before starting a new job, for corporate espionage, whistle-blowing and even "personal protection".

Continue reading

© 1998-2016 BetaNews, Inc. All Rights Reserved. Privacy Policy.